MegaRAC Default Credentials Vulnerability
CVE-2022-40242

7.5HIGH

Key Information:

Vendor: Ami
Status: Megarac Spx12; Megarac Spx13
Vendor: CVE Published:; 5 December 2022

What is CVE-2022-40242?

MegaRAC Default Credentials Vulnerability

Affected Version(s)

MegaRAC SPx12 0

MegaRAC SPx13 0

References

https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 5, 2022
Vulnerability Reserved
Sep 8, 2022

Credit

Vlad Babkin from Eclypsium Research

.

CVE-2022-40242 : MegaRAC Default Credentials Vulnerability